1. Fastmail
  2. Setup
  3. Other

API tokens

API tokens are developer keys used to access your account's information for integrations.

An API token grants access to your account's information. Treat your API token like an app password: only select the level of access that you need, and do not give an API token to anybody you do not trust.

Note: API tokens are not available to users on Basic subscription plans.

Creating an API token

To create an API token:

  1. Open the Settings → Privacy & Security screen and click the Integrations tab.
  2. Find the API tokens section and click Manage.
  3. Click New API token.
    1. A Verify it's you box will appear. Enter your password and click Continue. (For more information, see our Password-protected actions help page.)
  4. Enter a name to identify this API token. (Make sure it's something you will be able to read and understand in the future, in case you need to review or revoke access.)
  5. Select whether your API token should have read-only access, and the level of access your API token is granted.
  6. Click Generate Password.

The next page will display your new API token. Copy and paste the token into a safe place before you click the Done button in your Fastmail settings, as you will not be able to see it again.

Reviewing and removing API tokens

You can review an API token's access details at any time, which include the following:

  • What the API token has access to
  • The date and time access was first given
  • The date and time of most recent access

To review an API token's access details:

  1. Open the Settings → Privacy & Security screen and click the Integrations tab.
  2. Find the API tokens section and click Manage.
  3. Find your device in the API tokens list and click Review access

You can remove an API token at any time if you no longer use or trust an app, or if you lose your device.

To remove an API token:

  1. Open the Settings → Privacy & Security screen and click the Integrations tab.
  2. Find the API tokens section and click Manage.
  3. Find your device in the API tokens list and click Review access
  4. Click Remove access.
  5. Click OK if you are sure you want to continue, as this action cannot be undone.
  6. A Verify it's you box will appear. Enter your password and click Continue. (For more information, see our Password-protected actions help page.)
  7. You will return to the API tokens screen, where you can confirm that the API token has been removed.

Where can I learn more about using API tokens?

If you're interested in learning more about writing integrations with Fastmail, a great place to start is reading our developer documentation.

API token integrations

Was this article helpful?
4 out of 8 found this helpful